Filtered by vendor Fujitsu Subscriptions
Total 79 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-3210 4 Fujitsu, Hp, Philips and 1 more 6 Displayview Click, Displayview Click Suite, Display Assistant and 3 more 2024-11-21 N/A
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26.
CVE-2017-10855 2 Fujitsu, Microsoft 4 Fence-explorer, Windows 10, Windows 7 and 1 more 2024-11-21 N/A
Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2016-8610 7 Debian, Fujitsu, Netapp and 4 more 55 Debian Linux, M10-1, M10-1 Firmware and 52 more 2024-11-21 7.5 High
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
CVE-2015-2808 9 Canonical, Debian, Fujitsu and 6 more 102 Ubuntu Linux, Debian Linux, Sparc Enterprise M3000 and 99 more 2024-11-21 N/A
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
CVE-2014-7254 1 Fujitsu 1 Arrows Me F-11d 2024-11-21 N/A
Unspecified vulnerability in ARROWS Me F-11D allows physically proximate attackers to read or modify flash memory via unknown vectors.
CVE-2014-7253 1 Fujitsu 4 Arrows Kiss F-03d, Arrows Tab Lte F-01d, F-12c and 1 more 2024-11-21 N/A
FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and REGZA Phone T-01D for Android allows local users to execute arbitrary commands via unspecified vectors.
CVE-2014-7252 4 Disney Interactive, Fujitsu, Lg and 1 more 7 Disney Mobile, Arrows Tab Lte F-01d, Arrows X Lte F-05d and 4 more 2024-11-21 N/A
Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and "improper data validation."
CVE-2014-3898 1 Fujitsu 1 Serverview Operations Manager 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Fujitsu ServerView Operations Manager 5.00.09 through 6.30.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-7105 1 Fujitsu 2 Interstage Application Server, Interstage Studio 2024-11-21 N/A
Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to "ihsrlog/rotatelogs."
CVE-2013-2566 4 Canonical, Fujitsu, Mozilla and 1 more 24 Ubuntu Linux, M10-1, M10-1 Firmware and 21 more 2024-11-21 N/A
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
CVE-2010-2151 1 Fujitsu 1 E-pares 2024-11-21 N/A
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors.
CVE-2010-2150 1 Fujitsu 1 E-pares 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability Fujitsu e-Pares V01 L01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-2149 1 Fujitsu 1 E-pares 2024-11-21 N/A
Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2010-1942 1 Fujitsu 1 Interstage Application Server 2024-11-21 N/A
Unspecified vulnerability in the Servlet service in Fujitsu Limited Interstage Application Server 3.0 through 7.0, as used in Interstage Application Framework Suite, Interstage Business Application Server, and Interstage List Manager, allows attackers to obtain sensitive information or force invalid requests to be processed via unknown vectors related to unspecified invalid requests and settings on the load balancing device.
CVE-2009-0868 3 Fujitsu, Microsoft, Sun 3 Jasmine2000, Windows, Solaris 2024-11-21 N/A
CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVE-2009-0867 1 Fujitsu 1 Enhanced Support Facility 2024-11-21 N/A
The HRM-S service in Fujitsu Enhanced Support Facility 3.0 and 3.0.1 allows remote attackers to obtain (1) hardware and (2) software information via unspecified requests in a client connection.
CVE-2009-0271 1 Fujitsu 1 Systemcastwizard Lite 2024-11-21 N/A
Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors.
CVE-2009-0270 1 Fujitsu 1 Systemcastwizard Lite 2024-11-21 N/A
Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to execute arbitrary code via a large PXE protocol request in a UDP packet.
CVE-2009-0264 1 Fujitsu 1 Systemcastwizard Lite 2024-11-21 N/A
Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier has unknown impact and attack vectors.
CVE-2008-7195 1 Fujitsu 1 Interstage Application Server 2024-11-21 N/A
Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server Enterprise Edition 7.0.1 for Solaris, allows attackers to cause a denial of service via unknown vectors related to SSL.